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REMARKS 

Initially, Applicant notes that the remarks and amendments made by this paper are consistent with 
those presented to the Examiner by telephone. 

By this paper, claims 1-14 and 22-44 have been amended and no claims have been added or 
canceled such that claims 1-14 and 22-45 remain pending, of which claims 1, 9, 27, and 35 are the only 
independent claims at issue. 

The Office Action mailed April 04, 2008, considered and rejected claims 1-14 and 22-45. Claims 
27-40 were rejected under 35 U.S.C. § 101 because claims were directed to non-statutory subject matter. 
Claims 1, 4-6, 9-11, 27, 30-32, 35-37, and 41-45 were rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Moreh et al. (U.S. Patent No. 6,959,336), hereafter Moreh, and further in view of Sweet 
et al. (U.S. Publ. No. 2002/0031230), hereafter Sweet, and Laursen et al. (U.S. Patent No. 6,065,120), 
hereafter Laursen. Claims 2-3, 8, 12, 22, 25-26, 28-29, 34 and 38 were rejected under 35 U.S.C. § 103(a) 
as being unpatentable over Moreh and further in view of Sw eet. Laursen and Wood et al. (U.S. Patent No. 
6,609,198), hereafter Wood. Claims 23 and 24 were rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Moreh and further in view of Sweet, Laursen, Wood and Leah (U.S. Patent No. 
6,986,039), hereafter Leah. Claims 13 and 39 were rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Moreh and further in view of Sweet, Laursen, and Wood. 1 

With regard to the objections to the claims, Applicant notes that the relevant claims have been 
amended to correct for the antecedent basis objection. Applicant respectfully submits that the claims are 
now in proper form with respect to the noted objections. Furthermore, regarding the rejection of the 
computer program product claims under 35 U.S.C. 101, Applicant notes that the applicable claims have 
been amended to recite the computer-readable storage media rather than the computer program product 
stored thereon. In view of these amendments, Applicant submits that the 35 U.S.C. 101 rejections are 
now moot. 

Applicants' claimed invention is generally directed to embodiments for managing multiple 
credentials in a distributed system. The embodiment of claim 1, for example recites a method for 
associating multiple credentials with a single user account such that the user may be authenticated with 
any one of the multiple credentials utilizing a service that is accessed by a user from one or more devices 
with varying input capabilities. In the method, the authentication service receives an authentication 
request from a device that includes credentials of the user with the credentials being selected by the user 
from among a plurality of credentials valid at the authentication system based at least partially on the 



1 Although the prior art status of the cited art is not being challenged at this time, Applicant reserves the right to challenge the 
prior art status of the cited art at any appropriate tune, should it arise. Accordingly, any arguments and amendments made herein 
should not be construed as acquiescing to any prior art status of the cited art. 
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user's device. The credentials provided by the user are then validated, wherein the credentials are 
associated with a unique single user identifier of the user, a user account, and a user profile. The 
authentication system receives new credentials from the user, wherein the new credentials are associated 
with the same unique user identifier of the user, user account, and user profile. The new credentials are 
stored in a credential store of the authentication system such that the authentication system can 
authenticate the user to the service when the user provides any one of the multiple credentials associated 
with the user account. The authentication system provides, in response to the request, the unique user 
identifier and the user profile to the device. 

The remaining independent claims are closely related to independent claim 1 and are allowable 
for the same reasons as discussed below with regard to claim 1 . Claim 9 is directed to a method similar to 
the method of claim 1, but recited from the perspective of the user rather than the service. Claims 27 and 
35 recite computer program products corresponding to the methods of claims 1 and 9 respectively, with 
claim 27 being slightly narrower in scope than claim 1 . 

The independent claims were rejected in view of Moreh, Sweet, and Laursen. Moreh discloses a 
federated authentication service technology. In the disclosure of Moreh, a client authenticates a subject 
using a protocol proxy that mediates with an authentication mechanism to obtain a name assertion that 
can then be used to access a server. When multiple authentication mechanisms are available, an optional 
agent and mechanism resolution process are used to resolve one suitable mechanism to use. The Office 
Action cites Sweet as demonstrating credential being associated with a single unique user identifier, a 
user account and a user profile. The Office Action concedes that Moreh and Sweet fail to disclose 
credentials being selected by the user from among a plurality of credentials based at least partially on the 
user's device. To compensate for this failing, the Office Action cites Laursen as purportedly 
compensating for the failings of Moreh and Sweet. Laursen discloses embodiments allowing a thin client 
to authenticate with a rendezvous associated with a user account in a server. The rendezvous can then 
authenticate with the server allowing the thin device to interact at the server without requiring the thin 
client to actually authenticate with the server. 

Applicant respectfully submits that Laursen fails to compensate for the failings of Moreh and 
Sweet and hereby respectfully traverses this rejection. For example, contrary to the assertion of the 
Office Action, Applicant respectfully submits that Laursen fails to disclose a plurality of credentials based 
at least partially on the user's device and that a user selects from among the plurality of credentials. The 
presently claimed embodiments allow a user to authenticate to an authentication system using credentials 
that a user has selected. By allowing the user to select a credential that is most appropriate for the user's 
device, the present embodiments allow a user to easily authenticate to a service using the most convenient 
input method available to the user. For example, if the user is using a phone the credential might consist 
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entirely of numeric characters, while a tablet computer might have a signature type credential. While the 
phone user may desire numeric input for convenience, the user could alternatively choose a conventional 
text based credential. The choice is up to the user and the manner in which they desire to interact with the 
authentication system. 

In contrast, the cited art of Laursen fails to teach the user selecting a credential from among a 
plurality of credentials based at least partially on the user's device. The Office Action asserts that column 
3, lines 4-17 teaches this claim element, however, Applicant respectfully disagrees. In particular, the 
cited section of Laursen describes a service that allows a user to self-provision to a rendezvous service 
that then authenticates the user to a database. Notably absent from the cited disclosure is the user 
selecting what credential to use from among a plurality of credentials valid at the server. Because the 
cited section is a brief summary of the invention of Laursen, many of the details of the self-provisioning 
process are missing and the summary only suggests what is actually taking place. A better understanding 
of what is actually occurring is available in the detailed description of Laursen. For example, Figure 5a 
details the provisioning process. In the described provisioning process the device is identified using 
device specific information. If the device is recognized, the device is mutually authenticated with the 
server. As described in columns 7 and 8, the authentication process involves pre-shared keys. It will be 
noted that the pre-shared keys are unique to the device and are not chosen by the user. Once the session is 
established the user enters credential information at the rendezvous. Column 14, lines 15 and 16 describe 
the actual credential exchange. Notably, the user is prompted for a username and a password. The user 
is not choosing from a plurality of credentials as required in the claim element. Instead, the user is 
entering a specific credential requested by the rendezvous. In contrast with the currently claimed 
invention, the user has no option to select a credential based on the input of the device. Without teaching 
the user selecting from among a plurality of valid credentials as recited in combination with the remaining 
claims elements, Applicant respectfully submits that Laursen fails to compensate for the failings of Moreh 
and Sweet. 

It will be noted that independent claim 27 contains further elements that are not found in the cited 
art. For example, claim 27 requires that the credentials supplied by the user correspond to a type 
associated with the device. For instance, a phone might only be allowed to submit numerical credentials 
or a voice credential. When a new credential is provided, it is further verified to comply with the type of 
credential associated with the device type. Furthermore, when the user successfully authenticates the 
same unique user identifier is returned regardless of the credentials supplied and the users device. 

In view of the foregoing, Applicant respectfully submits that the other rejections to the claims are 
now moot and do not, therefore, need to be addressed individually at this time. It will be appreciated, 
however, that this should not be construed as Applicant acquiescing to any of the purported teachings or 
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assertions made in the last action regarding the cited art or the pending application, including any official 
notice. Instead, Applicant reserves the right to challenge any of the purported teachings or assertions 
made in the last action at any appropriate time in the future, should the need arise. Furthermore, to the 
extent that the Examiner has relied on any Official Notice, explicitly or implicitly, Applicant specifically 
requests that the Examiner provide references supporting the teachings officially noticed, as well as the 
required motivation or suggestion to combine the relied upon notice with the other art of record. 

In the event that the Examiner finds remaining impediment to a prompt allowance of this 
application that may be clarified through a telephone interview, the Examiner is requested to contact the 
undersigned attorney at (801) 533-9800. 

Dated this 30 th day of September, 2008. 

Respectfully submitted, 

/Colby C. Nuttall, Reg. # 58146/ 

RICK D. NYDEGGER 
Registration No. 28,65 1 
COLBY C. NUTTALL 
Registration No. 58,273 
JOHN C. BACOCH 
Registration No. 59,890 
Attorneys for Applicant 
Customer No. 47973 
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